03-22-2011
• COMPUTERWORLD
For more than 24 hours this week, it was a question that very few security experts could answer: Who had knocked the world's worst spam botnet offline?
After infecting close to a million computers and spamming out as many as 30 billion unwanted email messages a day, the Rustock botnet went silent around 11 a.m. Eastern Time on Wednesday.
Now we know the reason why: a small group of computer researchers, backed by Microsoft's lawyers, U.S. Marshals and international law enforcement officers executed a number of surgical strikes on the botnet. Hitting it as if it were the mythical Hydra, they cut off Rustock's heads -- its command-and-control servers -- and scorched them to keep them from growing back. And now Microsoft is helping to clean up infected computers before Rustock's owners have a chance to regain control of their botnet.
With seizure warrants in their hands, and U.S. Marshals backing them up, Microsoft's lawyers descended on five hosting providers in U.S. cities suc